Adobe Acrobat Remote Code Execution Vulnerability(Win) Network Vulnerability

Summary

This host is installed with Adobe Acrobat and is prone to Remote Code Execution Vulnerability.

Impact

Successful exploitation will allow attackers to bypass the security controls and execute arbitrary javascript code by launching javascript scheme URIs when a PDF file is being viewed in a browser. Impact Level: System/Application

Solution

Update to Adobe Acrobat version 11.0.05 or later, For updates refer to http://www.adobe.com/downloads/updates.html

Insight

The flaw is due to some error affecting javascript security controls.

Affected

Adobe Acrobat version 11.x before 11.0.05 on Windows

Detection

Get the installed version of Adobe Acrobat with the help of detect NVT and check it is vulnerable or not.

References

http://secunia.com/advisories/54754
http://www.securityfocus.com/bid/62888
https://www.adobe.com/support/security/bulletins/apsb13-25.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-5325
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Air and Flash Player Multiple Vulnerabilities (Mac OS X)
Adobe Air Code Execution and DoS Vulnerabilities (Windows)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)
Adobe Acrobat Multiple Vulnerabilities - Windows

Take action and discover your vulnerabilities